fix CVE-2020-24370
(cherry picked from commit 63f384c0a82a36aec9540f980226692e3d40ec2f)
This commit is contained in:
lingsheng
openeuler-sync-bot
parent
96af17052e
commit
fefd22e263
36
backport-CVE-2020-24370.patch
Normal file
36
backport-CVE-2020-24370.patch
Normal file
@ -0,0 +1,36 @@
|
||||
From b5bc89846721375fe30772eb8c5ab2786f362bf9 Mon Sep 17 00:00:00 2001
|
||||
From: Roberto Ierusalimschy <roberto@inf.puc-rio.br>
|
||||
Date: Mon, 3 Aug 2020 16:25:28 -0300
|
||||
Subject: [PATCH] Fixed bug: Negation overflow in getlocal/setlocal
|
||||
|
||||
---
|
||||
com32/lua/src/ldebug.c | 7 ++++---
|
||||
1 file changed, 4 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/com32/lua/src/ldebug.c b/com32/lua/src/ldebug.c
|
||||
index e1389296e..bb0e1d4ac 100644
|
||||
--- a/com32/lua/src/ldebug.c
|
||||
+++ b/com32/lua/src/ldebug.c
|
||||
@@ -133,10 +133,11 @@ static const char *upvalname (Proto *p, int uv) {
|
||||
|
||||
static const char *findvararg (CallInfo *ci, int n, StkId *pos) {
|
||||
int nparams = clLvalue(ci->func)->p->numparams;
|
||||
- if (n >= ci->u.l.base - ci->func - nparams)
|
||||
+ int nvararg = ci->u.l.base - ci->func - nparams;
|
||||
+ if (n <= -nvararg)
|
||||
return NULL; /* no such vararg */
|
||||
else {
|
||||
- *pos = ci->func + nparams + n;
|
||||
+ *pos = ci->func + nparams - n;
|
||||
return "(*vararg)"; /* generic name for any vararg */
|
||||
}
|
||||
}
|
||||
@@ -148,7 +149,7 @@ static const char *findlocal (lua_State *L, CallInfo *ci, int n,
|
||||
StkId base;
|
||||
if (isLua(ci)) {
|
||||
if (n < 0) /* access to vararg values? */
|
||||
- return findvararg(ci, -n, pos);
|
||||
+ return findvararg(ci, n, pos);
|
||||
else {
|
||||
base = ci->u.l.base;
|
||||
name = luaF_getlocalname(ci_func(ci)->p, n, currentpc(ci));
|
||||
@ -2,7 +2,7 @@
|
||||
|
||||
Name: syslinux
|
||||
Version: 6.04
|
||||
Release: 16
|
||||
Release: 17
|
||||
License: GPLv2+
|
||||
Summary: The Syslinux boot loader collection
|
||||
URL: http://syslinux.zytor.com/wiki/index.php/The_Syslinux_Project
|
||||
@ -28,6 +28,7 @@ Patch0005: backport-add-RPMOPTFLAGS-to-CFLAGS-for-some-stuff.patch
|
||||
Patch0006: backport-tweak-for-gcc-10.patch
|
||||
Patch0007: backport-zlib-update.patch
|
||||
Patch0008: backport-libpng-update-to-1.6.36.patch
|
||||
Patch0009: backport-CVE-2020-24370.patch
|
||||
|
||||
%description
|
||||
The Syslinux Project covers lightweight bootloaders for MS-DOS FAT filesystems (SYSLINUX),
|
||||
@ -163,6 +164,9 @@ fi
|
||||
%{_datadir}/syslinux/efi64
|
||||
|
||||
%changelog
|
||||
* Wed Mar 12 2025 lingsheng <lingsheng1@h-partners.com> - 6.04-17
|
||||
- fix CVE-2020-24370
|
||||
|
||||
* Thu Aug 29 2024 lingsheng <lingsheng1@h-partners.com> - 6.04-16
|
||||
- update libpng 1.6.36 to fix CVE-2011-2501 CVE-2011-2690 CVE-2011-2691
|
||||
- CVE-2011-2692 CVE-2011-3045 CVE-2011-3048 CVE-2012-3425 CVE-2015-7981
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user